<?
// dbLogin.php
// ben@benmcgee.com
// 2008-02-01
// part of the UnderWARE schema
// Copyright 2008 Ben McGee
// available under the terms of The GNU General Public License Version 3

// check cookies to see if the user is logged in
if(isset($_COOKIE['ID_tasktimer'])) {
    $username = $_COOKIE['ID_tasktimer'];
    $pass = $_COOKIE['Key_tasktimer'];
    $check = mysql_query("SELECT * FROM ActiveUsers WHERE UserName = '$username'")
        or die(mysql_error());
    while($row = mysql_fetch_array( $check )) {
        if ($pass != $row['Password']) {
            header("Location: login.php");
        } else {
            $userid = $row['UserID'];
            $username = $row['UserName'];
        }
    }
} else {
    //if the cookie does not exist, they are taken to the login screen
    header("Location: login.php");
}
?>
